Software update management

ABSTRACT

A software update method permits a local software update server to act as a update source for client computer systems in its local network. The local update server provides updates for one or more specified groups of client computers.

BACKGROUND

The present invention relates generally to the distribution of software updates via a computer network. As used herein, a “computer network” comprises any number of computer systems (e.g., personal computers, workstations, servers, etc.) that are able to exchange information with one another. Computer systems in a computer network may be arranged in any configuration, use any medium for communication (e.g., wired or wireless) and any communication protocol.

A typical computer system, such as a personal computer system, typically has a variety of software products installed and available for execution. Example software products include the operating system, device drivers, code libraries, utilities, and user programs such as, for example, calendar, contact (i.e., “address book”), web browser and graphics applications. It is common practice in the commercial software industry for software and/or computer system vendors to provide periodic software updates to their customers (e.g., patches, fixes, new versions of existing software and new software).

The prior art provides two general approaches to delivering software updates over a computer network. In the first approach, a client or end-user computer system contacts a software provider's update server directly. In the second approach, a client computer system obtains updates from a software provider's update server through a local update server—generally belonging to the same intranet or local area network as the client computer system. The first update approach requires the software provider's update server have sufficient capacity to reliably handle all user requests. The second approach provides a direct means for an institutional user (e.g., an academic campus or commercial intranet provider) to limit the updates provided to its users while also reducing the number of update downloads that the update server must provide. Neither approach, however, addresses the update server's computational load associated with providing software updates. Thus, it would be beneficial to provide a software update mechanism that can reduce the computational resources and the number of update downloads a software vendor must provide during an update procedure.

SUMMARY

The invention provides a software update method applicable to tiered network architectures—that is, where a client communicates to a software update server through at least one intermediary or local server computer system. The method includes receiving software updates at a local server, receiving (at the local server) an update request from a client computer system and sending the client a list identifying one or more applicable updates (e.g., a catalog of available update packages) based on the client computer's membership in one or more of a plurality of user groups. In one embodiment, the local server maintains an update list applicable for each user-group it provides update service to (e.g., a “system administrator,” “software developer” or “student” user-groups). Each client may then obtain software updates from the local-server, where update packages may be obtained directly from the local server or from another computer system in the local network of which the client computer is a member. In another embodiment, the local server may also receive a revocation or withdrawal list from the update server. In this embodiment, the revocation list may identify one or more software update packages previously made available from the update server but which should no longer be distributed. In response to the revocation list, the local server could cease distributing the identified software update package(s). The revocation list could be obtained by the local server as a separate and discrete update list from an update source, or it could be received as part of a larger software update list. Methods in accordance with these embodiments of the invention may be stored in any media that is readable and executable by a computer system.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 shows a computer system to which a software update process in accordance with one embodiment of the invention may be applied.

FIGS. 2A and 2B show a software update process in accordance with one embodiment of the invention.

DETAILED DESCRIPTION

The following descriptions are presented to enable any person skilled in the art to make and use the invention as claimed and is provided in the context of the particular examples discussed below, variations of which will be readily apparent to those skilled in the art. Accordingly, the claims appended hereto are not intended to be limited by the disclosed embodiments, but are to be accorded their widest scope consistent with the principles and features disclosed herein.

Referring to FIG. 1, in one embodiment of the invention client or end-user computer system 100 communicates with commercial software vendor's update server 105 through network 110 and local server 115. In the illustrative topology of FIG. 1, intranet 120 comprises a plurality of client computer systems 100-125, each of which may communicate with update server 105 through local server 115 and network 110. It is currently common practice for commercial software vendors to host and maintain update server 105 and to use third party resources 130 (e.g., computer servers 135-140) to store and serve their update packages to customers. It will be recognized that the services provided by update server 105 and update source 130 could also be provided by a single computer system or a plurality of co-located computer systems. In this configuration, client computers 100-125 and local server 115 are typically components of a local area network or intranet 120 administered by an academic, corporate or commercial entity. It will be recognized that network 110 may be a public, private or a combination of public and private networks.

Referring to FIG. 2A, an update process for the configuration of FIG. 1 begins when local server 115 requests a list of updates available from update server 105 (200). The target vendor's update server responds by transmitting a catalog of available update packages (205). In one embodiment, the update catalog comprises a list of all software updates provided by the update server's owners. In another embodiment, the update catalog comprises a list of less than all of the updates provided by the update server's owners (e.g., only those updates associated with a specific product line). In general, each catalog entry may include information that identifies the update package (e.g., the iTunes application provided by Apple Computer, Inc. of Cupertino, Calif.), the update version (e.g., version 4.6, Build 15) and a location from which the update may be obtained (e.g., update server 105 or update source 130 via, for example, HTTP links (205). Next, local server 115 determines which available updates are applicable to the client computer systems within its network 120 (210). Local server 115 then requests (215) and receives (220) updates from update source 130.

In one embodiment, intranet 120 comprises a plurality of local servers (e.g., like 115), each of which is tasked to provide update services for a specified group of client computer systems (e.g., 100-125). In this embodiment, each local server may obtain its own set of update packages in accordance with FIG. 2A where only those update packages that are applicable to the client computer system groups receiving update services from the local server are obtained. Illustrative groups include, but are not limited to, “engineer,” “manager,” “secretary,” “software developer,” “system administration,” and “student.”

Referring to FIG. 2B, in this embodiment, following the acts of FIG. 2A (200-220), client or end-user computer system 100 in intranet 120 issues an update request to local server 115 (225). In one embodiment, client 100 identifies an appropriate local server 115 through a directory service (e.g., LDAP). In another embodiment, client 100 is configured via, for example, a local environment variable or a preset system preferences value to contact local server 115. In response, local server 115 provides a catalog list to requesting client computer 100 (230). Client computer 100 displays through, for example, a graphical user interface, the updates identified in the catalog list. From the displayed updates, an end-user operating client computer 100 requests one or more updates from local server 115 (235). When the requested updates are received (240-245), they are installed on client computer 100 (250).

In another embodiment, a single local server (e.g., local server 115) may supply update services for client computer systems (e.g., 100-125) belonging to a plurality of specified groups. In this embodiment, each local server may update packages (in accordance with FIG. 2A) applicable to each client computer system group receiving update services from the local server. If the local server generates an “applicable update” list unique to each client computer group, each clients' interaction with the local server could follow the process described and shown in FIG. 2A. If, on the other hand, the local server generates a catalog list that includes updates that may or may not be applicable to a specific group, each client computer interacting with the local server may process received catalog listings to determine which of the available updates are applicable to it. That is, it would be the requesting client's task to determine which of the available update packages are applicable to its specific configuration. For example, perhaps not all of the software identified in the catalog is licensed on client 100. Further, a software package identified in the catalog list may not be applicable to the user group(s) to which the client computer belongs. Accordingly, updates for these products would not be applicable.

In this latter embodiment, it will be recognized that the catalog list provided by a local server (e.g., 115) to a client computer (e.g., 100) may be different from the catalog list provided by a software vendor's update server (e.g., 105) to the local server. It will further be recognized that the catalog list provided by a local server (e.g., 115) to a first client computer (e.g., 100) may be different from the catalog list provided by the local server to a second client computer (e.g., 125).

In another embodiment, local server (e.g., 115) may obtain a revocation or withdrawal list from an update source (e.g., 130). A revocation list may identify one or more software update packages previously made available by the update source. In this embodiment, the identified revoked software update package(s) would no longer be made available by the local server to its client computer systems (e.g., 100-125). In this manner, a previously provided but errant software update package may be “withdrawn” by alerting a local server to stop making it available. In another embodiment, the local server may notify its client computer systems that have already obtained the “withdrawn” software update package.

As illustrated and discussed above, embodiments in accordance with FIG. 2B provide at least three significant benefits to vendors distributing software updates via a network and to administrators of local networks (e.g., intranet 120). First, client computer systems do not directly interact with vendor's update server 105. Second, the inventive architecture permits intranet administrators, via local server 115, to customize what updates available from vendor's update server 105 are made available to client computers (e.g., 100-125)—different collections of updates may be made available to different groups of users. Further, each local server computer system undertakes the computational task of determining which of the available updates are applicable to it (210). In contrast, the known prior art relies on the vendor's update server to provide this determination. Accordingly, update processing in accordance with these embodiments of the invention reduces the computational load on a vendor's update server and the amount of network traffic required to support an update operation while simultaneously providing increased flexibility and update control for local area network administrators.

Various changes in the illustrative configurations as well as in the details of the illustrated operational methods are possible without departing from the scope of the following claims. For instance, the act of identifying update packages to install may be automated (i.e., 235). Similarly, installing updates may be automated (i.e., 250). It will also be recognized that local server 115 may identify a location other than itself for its client computer systems to obtain update packages. For example, local server 115 may identify one or more servers that are part of intranet 120 (not shown in FIG. 1) from which all client computer systems obtain update packages. In addition, following receipt of updates (e.g., 245), update statistics may be sent back to vendor update server 105. This type of information typically includes identification of each upgrade package obtained/installed and the date the upgrade package was obtained/installed. Further, in the illustrative methods of FIGS. 2A and 2B the acts of synchronizing local server 115 (200-220) may be performed asynchronously and independently of client-initiated updates (225-250). In addition, local server 115 may contact a plurality of vendor update servers, generating catalog lists that incorporate update packages from more than one vendor update server and may even include update packages generated by the local update server's owners/administrators. Further, in one embodiment local server 115 is configured to periodically request update lists from update server 105. In another embodiment, local server 115 requests an update list from update server 105 at an interval that is inversely proportional to the age of the last received update list (i.e., catalog 205). Additionally, acts in accordance with FIGS. 2A and 2B may be performed by a programmable control device executing instructions organized into one or more program modules. A programmable control device may be a single computer processor, a special purpose processor (e.g., a digital signal processor, “DSP”), a plurality of processors coupled by a communications link or a custom designed state machine. Custom designed state machines may be embodied in a hardware device such as an integrated circuit including, but not limited to, application specific integrated circuits (“ASICs”) or field programmable gate array (“FPGAs”). Storage devices suitable for tangibly embodying program instructions include, but are not limited to: magnetic disks (fixed, floppy, and removable) and tape; optical media such as CD-ROMs and digital video disks (“DVDs”); and semiconductor memory devices such as Electrically Programmable Read-Only Memory (“EPROM”), Electrically Erasable Programmable Read-Only Memory (“EEPROM”), Programmable Gate Arrays and flash devices. 

1. A software update method, comprising: receiving, at a first computer system, a first update request from a first client computer system for software updates, the first client computer system having a membership in a first client computer group; receiving, at the first computer system, a second update request from a second client computer for software updates, the second client computer system having a membership in a second client computer group; sending, by the first computer system, a first message to a second computer system, the first message based on a composite of the first and second client computer group's update requests, the first message identifying a composite group of software update packages to be obtained from sources identified by the second computer system; obtaining, by the first computer system, the composite group of software update packages; sending, by the first computer system, a second message to the first client computer system, the second message based on the first client computer group membership and identifying a first group of software update packages to be obtained from the first computer system; and sending, by the first computer system, a third message to the second client computer system, the third message based on the second client computer group membership and identifying a second group of software update packages to be obtained from the first computer system wherein the first group of identified software updates is not identical to the second group of identified software updates.
 2. The method of claim 1, wherein the first client computer group membership additionally comprises membership in a first predetermined user-group.
 3. The method of claim 2, wherein the second client computer group membership additionally comprises membership in a second predetermined user-group.
 4. The method of claim 1, wherein the first group and the second group of identified software update packages differ by at least one identified software update package.
 5. The method of claim 1, wherein the second and third messages identify each software update package with an update package identifier, an update version identifier and a location identifier.
 6. The method of claim 1, further comprising the first client computer system obtaining a software update package identified in the second message.
 7. The method of claim 6, further comprising installing the obtained software update package on the first client computer system.
 8. The method of claim 1, wherein the first computer system maintains a unique update package availability list for each of a plurality of client computer system computer groups.
 9. The method of claim 1, wherein the software update packages identified in the second message comprise upgrades to a software application.
 10. The method of claim 1, wherein the software update packages identified in the second message comprise a stand-alone software application.
 11. A program storage device, readable by a programmable control device, comprising instructions stored on the program storage device for causing the programmable control device to perform the method of claim
 1. 12. The method of claim 1, further comprising obtaining, by the first client computer system, only a subset of software update packages identified in the second message.
 13. The method of claim 1, further comprising installing only a subset of software update packages identified in the second message on the first client computer system.
 14. A software update method, comprising: requesting and receiving a group of software update packages at a local update server from a distal update server, the group of software update packages based on a composite of software associated with computer group memberships for a plurality of computers, the plurality of computers configured to receive software updates from sources identified by the local update server; receiving, at the local update server, a first update request from a first client computer system, the first client computer system having a first computer group membership; receiving, at the local update server, a second update request from a second client computer, the second client computer system having a second computer group membership; sending, by the local update server, a first message responsive to the first update request to the first client computer system and based on the first computer group membership, the first message identifying a first group of voluntary software update packages to be obtained from sources identified by the local update server; and sending, by the local update server, a second message responsive to the second update request to the second client computer system and based on the second computer group membership, the second message identifying a second group of voluntary-software update packages to be obtained from sources identified by the local update server wherein the first group of identified software updates is not identical to the second group of identified software updates.
 15. The method of claim 14, wherein the distal update server comprises a software vendor update server.
 16. The method of claim 15, wherein the local update server, the first client computer system and the second client computer system are members of a common intranet.
 17. The method of claim 14, wherein the local update server periodically, and independently of requests from the first and second client computer systems, obtains update software packages from the distal update server based on the computer group membership of the first and second client computer systems.
 18. The method of claim 17, wherein at least one of the software update packages obtained from the distal update server is not installed on the local update server.
 19. The method of claim 14, wherein the act of receiving a group of software update packages at a local update server comprises receiving a withdrawal message from the distal update server, the withdrawal message identifying one or more software update packages.
 20. The method of claim 19, wherein the local update server, in response to the withdrawal message, stops identifying the one or more software update packages identified in the withdrawal message to the first and second client computer systems.
 21. The method of claim 14, wherein the first computer group membership additionally comprises membership in a first predetermined user-group.
 22. The method of claim 21, wherein the second computer group membership additionally comprises membership in second predetermined user-group.
 23. The method of claim 14, wherein the first and second messages identify each software update package with an update package identifier, an update version identifier and a location identifier.
 24. The method of claim 23, wherein the location identifier identifies a computer system different from the local update server.
 25. The method of claim 14, further comprising the first client computer system obtaining a software update package identified in the first message.
 26. The method of claim 25, wherein the act of obtaining comprises obtaining the software update package from the local update server.
 27. The method of claim 25, further comprising installing the obtained software update package on the first client computer system.
 28. The method of claim 14, wherein the local update server maintains a unique update package availability list for each of a plurality of client computer system groups.
 29. The method of claim 14, wherein the software update packages identified in the first message comprise upgrades to a software application.
 30. The method of claim 14, wherein the software update packages identified in the first message comprise a stand-alone software application.
 31. A program storage device, readable by a programmable control device, comprising instructions stored on the program storage device for causing the programmable control device to perform the method of claim
 14. 32. The method of claim 14, further comprising obtaining, by the first client computer system, only a subset of software update packages identified in the first message.
 33. The method of claim 14, further comprising installing only a subset of software update packages identified in the first message on the first client computer system.
 34. The method of claim 14, wherein the sources identified by the local update server comprise the local update server itself. 